--- ansh/src/utils.c	2011/10/14 12:45:09	1.1.1.1.2.12
+++ ansh/src/utils.c	2011/10/17 20:14:02	1.2
@@ -3,7 +3,7 @@
  *  by Michael Pounov <misho@elwix.org>
  *
  * $Author: misho $
- * $Id: utils.c,v 1.1.1.1.2.12 2011/10/14 12:45:09 misho Exp $
+ * $Id: utils.c,v 1.2 2011/10/17 20:14:02 misho Exp $
  *
  *************************************************************************
 The ELWIX and AITNET software is distributed under the following
@@ -206,6 +206,8 @@ icmpRecv(int s, u_int * __restrict seq, u_short * __re
 			VERB(3) LOG("Channel SECURED:: Plain text communication not supported at this moment ...");
 			return ANSH_FLG_ERR;
 		}
+		if (ntohl(hdr->ansh_nonce) != *crypted)
+			VERB(4) LOG("Detect change of nonce from %x to %x", *crypted, ntohl(hdr->ansh_nonce));
 
 		*crypted = ntohl(hdr->ansh_nonce);
 	}
@@ -285,7 +287,7 @@ icmpSend(int s, u_int seq, u_short id, char flg, u_int
 static int
 _pkt_Send(int s, u_int seq, char flg, u_int crypted, u_char *data, int datlen, struct io_ether_addr *ea)
 {
-	u_char *pos, buf[USHRT_MAX] = { 0 };
+	u_char *pos, *str, buf[USHRT_MAX] = { 0 };
 	struct ether_header *e = (struct ether_header*) buf;
 	struct ansh_hdr *hdr;
 	int ret = 0;
@@ -301,6 +303,14 @@ _pkt_Send(int s, u_int seq, char flg, u_int crypted, u
 
 	memcpy(pos, data, datlen);
 
+	if (Crypted) {
+		str = cryptBuffer(pos, datlen, Crypted);
+		if (str) {
+			memcpy(pos, str, datlen);
+			free(str);
+		}
+	}
+
 	hdr->ansh_ver = ANSH_VERSION;
 	hdr->ansh_flg = flg;
 	hdr->ansh_len = htons(datlen + sizeof(struct ansh_hdr));
@@ -352,6 +362,7 @@ _pkt_Recv(u_char * __restrict buf, int rlen, u_int * _
 	struct bpf_hdr *bpf;
 	struct ansh_hdr *hdr;
 	u_int crc;
+	u_char *str;
 
 	if (rlen < (sizeof(struct bpf_hdr) + ETHER_HDR_LEN + sizeof(struct ansh_hdr))) {
 		VERB(1) LOG("Discard packet too short %d ...", rlen);
@@ -384,6 +395,8 @@ _pkt_Recv(u_char * __restrict buf, int rlen, u_int * _
 			VERB(3) LOG("Channel SECURED:: Plain text communication not supported at this moment ...");
 			return ANSH_FLG_ERR;
 		}
+		if (ntohl(hdr->ansh_nonce) != *crypted)
+			VERB(4) LOG("Detect change of nonce from %x to %x", *crypted, ntohl(hdr->ansh_nonce));
 
 		*crypted = ntohl(hdr->ansh_nonce);
 	}
@@ -400,6 +413,16 @@ _pkt_Recv(u_char * __restrict buf, int rlen, u_int * _
 	/* select data */
 	if (data) {
 		*datlen = ntohs(hdr->ansh_len) - sizeof(struct ansh_hdr);
+		if (Crypted) {
+			str = cryptBuffer(buf + bpf->bh_hdrlen + ETHER_HDR_LEN + sizeof(struct ansh_hdr), 
+					*datlen, Crypted);
+			if (str) {
+				memcpy(buf + bpf->bh_hdrlen + ETHER_HDR_LEN + sizeof(struct ansh_hdr), 
+						str, *datlen);
+				free(str);
+			}
+		}
+
 		memcpy(data, buf + bpf->bh_hdrlen + ETHER_HDR_LEN + sizeof(struct ansh_hdr), *datlen);
 	}